Overview
Forms-Based Authentication is a claims-based identity management system that is based on ASP.NET membership and role provider authentication.
Forms-Based Authentication can be used against the following authentication providers:
- AD DS
- A membership database such as a SQL Server database
- A Lightweight Directory Access Protocol (LDAP) directory
Forms-based Claims Authentication Process
Forms-based claims authentication is an interaction among a client computer, a SharePoint server, and a membership and role provider.
- First, an anonymous user requests a secured SharePoint page.
- SharePoint responds with a forms-based login page where the user enters credentials.
- The user types the credentials on the client computer, and the client computer sends them to SharePoint.
- SharePoint validates the credentials against the membership provider.
- The SharePoint server queries the role provider for the roles associated with the user credentials.
- The Security Token Service on the SharePoint server creates a claims-based security token and stores it with the distributed cache service on the SharePoint farm. The SharePoint server then creates and sends a federated authentication cookie to the client computer; this cookie contains an encrypted key of the security token. If analysis of the claims in the security token shows that the user is authorized to access the requested webpage, SharePoint sends the contents of the page.
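A minimal model of the flow above, added here as an illustration and not SharePoint or Microsoft code: dictionaries stand in for the membership provider, role provider and distributed cache, an HMAC stands in for the cookie encryption, and all users, roles and the page path are constructed. It shows that the cookie carries only a protected reference to the token, so in this model the claims never leave the server and a forged cookie or an evicted token sends the user back to the login page.

```python
import hashlib, hmac, secrets

# Constructed sample data standing in for the membership and role providers.
def _hash(pw):
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), b"constructed-salt", 10_000)

MEMBERSHIP = {"alice": _hash("correct horse"), "bob": _hash("battery staple")}
ROLES = {"alice": ["Finance"], "bob": ["Visitors"]}
PAGE_ROLE = {"/sites/finance/default.aspx": "Finance"}  # role a page requires

TOKEN_CACHE = {}                      # models the distributed cache service
COOKIE_KEY = secrets.token_bytes(32)  # farm-side secret, never sent to clients

def _mac(key):
    return hmac.new(COOKIE_KEY, key.encode(), hashlib.sha256).hexdigest()

def login(user, password):
    """Validate credentials, query roles, issue a token, return the cookie."""
    stored = MEMBERSHIP.get(user, b"")          # membership provider lookup
    if not hmac.compare_digest(stored, _hash(password)):
        return None                             # same path for unknown users
    claims = {"name": user, "roles": ROLES.get(user, [])}  # role provider
    key = secrets.token_hex(16)                 # opaque reference to the token
    TOKEN_CACHE[key] = claims                   # token stays on the server
    return f"{key}.{_mac(key)}"                 # cookie carries only the key

def request(page, cookie=None):
    """Serve a secured page only when the cookie resolves to a cached token."""
    key, _, mac = (cookie or "").partition(".")
    valid = hmac.compare_digest(mac.encode(), _mac(key).encode())
    claims = TOKEN_CACHE.get(key) if valid else None
    if claims is None:
        return "login page"                     # anonymous, forged or evicted
    if PAGE_ROLE.get(page) in claims["roles"]:
        return "page content"
    return "access denied"                      # authenticated, wrong claims
```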
For detailed information on how to configure FBA on SharePoint 2013, here is a very good article by Sean Earp: Configuring SharePoint 2013 Forms-Based Authentication with SQLMemberShipProvider.
For more information about other authentication types check my other posts:
Happy coding.
Diagrams source: Microsoft Technet